OASIS Members Form New Committee to Standardize Methods for Evaluating Online Reputations

OASIS has formed a new technical committee to make it easier to validate the trustworthiness
of businesses, projects, and people working and socializing in electronic communities. The new OASIS Open Reputation Management Systems (ORMS) Technical Committee will define common data formats for consistently and reliably representing reputation scores. ORMS will be relevant for a variety of applications including validating the trustworthiness of sellers and buyers in online auctions, detecting free riders in peer-to-peer networks, and helping to ensure the authenticity of signature keys in a web of trust. ORMS will also help enable smarter searching of web sites, blogs, events, products, companies, and individuals.

"The use of the Internet as a medium for social interaction, commerce, and collaboration places new emphasis on the need for standard reputation mechanisms. More and more, trust is based on verifiable claims and opinions of others online," explained Abbie Barbir of Nortel. "As the convener of the OASIS ORMS Technical Committee, I see that the challenge to be addressed with this new work is to define open reputation management systems that enable large sets of different and possibly contradictory opinions about a person, company, or product to be evaluated in a fair and meaningful way."

Because the majority of existing on-line rating, scoring and reputation mechanisms have been developed by private companies using proprietary schemas, there is currently no common method to query, store, aggregate, or verify claims between systems. The different sources of reputation data--user feedback channels (product ratings, comment forms), online user profiles, etc.-- are each uniquely susceptible to bad actors, manipulation of data for specific purposes, and spammers.

"ORMS will provide standard ways to express assertions, evaluations and comparisons of rating and reputation data, making it easier to consume that data, aggregate it, and even 'rate the raters'," said James Bryce Clark, director of standards development at OASIS. "This will make systems less susceptible to data manipulation, and help make trustworthiness scores more usable, constructive and contextually relevant."

ORMS will not attempt to define algorithms for computing reputation scores. Instead, the OASIS Committee will provide the means for understanding the relevancy of a score within a given context.

ORMS will be offered for implementation on a Royalty-Free basis. The new technical committee will hold its first meeting on 1-2 May, in conjunction with the OASIS Open Standards 2008 symposium in Santa Clara, California. Participation in the OASIS ORMS Technical Committee remains open to all interested parties. Archives of the work will be accessible to both members and non-members, and OASIS will offer a mechanism for public comment. The ORMS Technical Committee is affiliated with the OASIS IDtrust Member Section, a group that promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices.

Support for ORMS

"BEA is pleased to join in this effort," said Hal Lockhart, Office of the CTO at BEA Systems. "Developing reputation management standards is important to enabling agile business processes."

"CA welcomes and supports the formation of the OASIS ORMS Technical Committee. Reputation on the Internet and within the enterprise is a critical aspect of managing trust among participants in business transactions and social collaborations," said Vadim Lander, CA chief security architect. "Having an open standard for managing and providing reputation services will simplify the ability to include this important information in identity security solutions resulting in more secure and satisfactory business relationships."

"Reputation systems will without doubt play a major role in the emerging Internet identity layer," said Drummond Reed, Chief Architect of Cordance Corporation and co-chair of the OASIS XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) Technical Committees. "In fact, a key purpose of the XRI digital identifier and XDI data sharing specifications is to provide the building blocks Internet reputation systems will need. So we are very pleased to be a founding member of the ORMS TC."

"With the increasing use of 'strong' identities, regulated or unregulated, reputation plays an important part in the process of tracking an entity's actions and creating a feedback loop for analysis
of that data," said Anthony Nadalin, IBM Distinguished Engineer and chief security architect for IBM Tivoli Software. "The goal of this technical community is to look at standardized algorithms for this analysis and common data formats to develop working interoperability between these various reputation systems."


Read the complete announcement from OASIS.